Example 1 with RegisterRequestMessageLdap

Use of org.xdi.oxauth.model.fido.u2f.RegisterRequestMessageLdap in project oxAuth by GluuFederation.

In class U2fRegistrationWS, method finishRegistration.

@POST
@Produces({ "application/json" })
public Response finishRegistration(@FormParam("username") String userName, @FormParam("tokenResponse") String registerResponseString) {
    String sessionState = null;
    try {
        log.debug("Finishing registration for username '{}' with response '{}'", userName, registerResponseString);
        RegisterResponse registerResponse = ServerUtil.jsonMapperWithWrapRoot().readValue(registerResponseString, RegisterResponse.class);
        String requestId = registerResponse.getRequestId();
        RegisterRequestMessageLdap registerRequestMessageLdap = u2fRegistrationService.getRegisterRequestMessageByRequestId(requestId);
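        if (registerRequestMessageLdap == null) {
            // No stored registration request matches this request id: report the session as expired
            throw new WebApplicationException(Response.status(Response.Status.FORBIDDEN).entity(errorResponseFactory.getJsonErrorResponse(U2fErrorResponseType.SESSION_EXPIRED)).build());
        }
        // Remove the stored request before processing the response, so the same request id cannot be used again
        u2fRegistrationService.removeRegisterRequestMessage(registerRequestMessageLdap);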
        String foundUserInum = registerRequestMessageLdap.getUserInum();
        RegisterRequestMessage registerRequestMessage = registerRequestMessageLdap.getRegisterRequestMessage();
        DeviceRegistrationResult deviceRegistrationResult = u2fRegistrationService.finishRegistration(registerRequestMessage, registerResponse, foundUserInum);
        // If sessionState is not empty update session
        sessionState = registerRequestMessageLdap.getSessionState();
        if (StringHelper.isNotEmpty(sessionState)) {
            log.debug("There is session state. Setting session state attributes");
            boolean oneStep = StringHelper.isEmpty(foundUserInum);
            userSessionStateService.updateUserSessionStateOnFinishRequest(sessionState, foundUserInum, deviceRegistrationResult, true, oneStep);
        }
        RegisterStatus registerStatus = new RegisterStatus(Constants.RESULT_SUCCESS, requestId);
        // Convert manually to avoid possible conflict between resteasy providers, e.g. jettison, jackson
        final String entity = ServerUtil.asJson(registerStatus);
        return Response.status(Response.Status.OK).entity(entity).cacheControl(ServerUtil.cacheControl(true)).build();
    } catch (Exception ex) {
        log.error("Exception happened", ex);
        try {
            // If sessionState is not empty update session
            if (StringHelper.isNotEmpty(sessionState)) {
                log.debug("There is session state. Setting session state status to 'declined'");
                userSessionStateService.updateUserSessionStateOnError(sessionState);
            }
        } catch (Exception ex2) {
            log.error("Failed to update session state status", ex2);
        }
        if (ex instanceof WebApplicationException) {
            throw (WebApplicationException) ex;
        }
        if (ex instanceof BadInputException) {
            throw new WebApplicationException(Response.status(Response.Status.FORBIDDEN).entity(errorResponseFactory.getErrorResponse(U2fErrorResponseType.INVALID_REQUEST)).build());
        }
        throw new WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(errorResponseFactory.getJsonErrorResponse(U2fErrorResponseType.SERVER_ERROR)).build());
    }
}
Also used: RegisterResponse (org.xdi.oxauth.model.fido.u2f.protocol.RegisterResponse), BadInputException (org.xdi.oxauth.model.fido.u2f.exception.BadInputException), WebApplicationException (javax.ws.rs.WebApplicationException), RegisterStatus (org.xdi.oxauth.model.fido.u2f.protocol.RegisterStatus), RegisterRequestMessage (org.xdi.oxauth.model.fido.u2f.protocol.RegisterRequestMessage), DeviceRegistrationResult (org.xdi.oxauth.model.fido.u2f.DeviceRegistrationResult), RegisterRequestMessageLdap (org.xdi.oxauth.model.fido.u2f.RegisterRequestMessageLdap), POST (javax.ws.rs.POST), Produces (javax.ws.rs.Produces)

Example 2 with RegisterRequestMessageLdap

Use of org.xdi.oxauth.model.fido.u2f.RegisterRequestMessageLdap in project oxAuth by GluuFederation.

In class RegistrationService, method getRegisterRequestMessage.

public RegisterRequestMessage getRegisterRequestMessage(String oxId) {
    String requestDn = getDnForRegisterRequestMessage(oxId);
    RegisterRequestMessageLdap registerRequestMessageLdap = ldapEntryManager.find(RegisterRequestMessageLdap.class, requestDn);
    if (registerRequestMessageLdap == null) {
        return null;
    }
    return registerRequestMessageLdap.getRegisterRequestMessage();
}
Also used: RegisterRequestMessageLdap (org.xdi.oxauth.model.fido.u2f.RegisterRequestMessageLdap)

Example 3 with RegisterRequestMessageLdap

Use of org.xdi.oxauth.model.fido.u2f.RegisterRequestMessageLdap in project oxAuth by GluuFederation.

In class RegistrationService, method storeRegisterRequestMessage.

public void storeRegisterRequestMessage(RegisterRequestMessage requestMessage, String userInum, String sessionState) {
    Date now = new GregorianCalendar(TimeZone.getTimeZone("UTC")).getTime();
    final String registerRequestMessageId = UUID.randomUUID().toString();
    RequestMessageLdap registerRequestMessageLdap = new RegisterRequestMessageLdap(getDnForRegisterRequestMessage(registerRequestMessageId), registerRequestMessageId, now, sessionState, userInum, requestMessage);
    ldapEntryManager.persist(registerRequestMessageLdap);
}
Also used: GregorianCalendar (java.util.GregorianCalendar), RegisterRequestMessageLdap (org.xdi.oxauth.model.fido.u2f.RegisterRequestMessageLdap), Date (java.util.Date), RequestMessageLdap (org.xdi.oxauth.model.fido.u2f.RequestMessageLdap)

Example 4 with RegisterRequestMessageLdap

Use of org.xdi.oxauth.model.fido.u2f.RegisterRequestMessageLdap in project oxAuth by GluuFederation.

In class RegistrationService, method getRegisterRequestMessageByRequestId.

public RegisterRequestMessageLdap getRegisterRequestMessageByRequestId(String requestId) {
    String baseDn = getDnForRegisterRequestMessage(null);
    Filter requestIdFilter = Filter.createEqualityFilter("oxRequestId", requestId);
    List<RegisterRequestMessageLdap> registerRequestMessagesLdap = ldapEntryManager.findEntries(baseDn, RegisterRequestMessageLdap.class, requestIdFilter);
    if ((registerRequestMessagesLdap == null) || registerRequestMessagesLdap.isEmpty()) {
        return null;
    }
    return registerRequestMessagesLdap.get(0);
}
Also used: Filter (com.unboundid.ldap.sdk.Filter), RegisterRequestMessageLdap (org.xdi.oxauth.model.fido.u2f.RegisterRequestMessageLdap)

Aggregations

RegisterRequestMessageLdap (org.xdi.oxauth.model.fido.u2f.RegisterRequestMessageLdap): 4
Filter (com.unboundid.ldap.sdk.Filter): 1
Date (java.util.Date): 1
GregorianCalendar (java.util.GregorianCalendar): 1
POST (javax.ws.rs.POST): 1
Produces (javax.ws.rs.Produces): 1
WebApplicationException (javax.ws.rs.WebApplicationException): 1
DeviceRegistrationResult (org.xdi.oxauth.model.fido.u2f.DeviceRegistrationResult): 1
RequestMessageLdap (org.xdi.oxauth.model.fido.u2f.RequestMessageLdap): 1
BadInputException (org.xdi.oxauth.model.fido.u2f.exception.BadInputException): 1
RegisterRequestMessage (org.xdi.oxauth.model.fido.u2f.protocol.RegisterRequestMessage): 1
RegisterResponse (org.xdi.oxauth.model.fido.u2f.protocol.RegisterResponse): 1
RegisterStatus (org.xdi.oxauth.model.fido.u2f.protocol.RegisterStatus): 1